package com.cskaoyan.controller;

import com.cskaoyan.config.zjhShiro.MallToken;
import com.cskaoyan.mapper.MarketAdminMapper;
import com.cskaoyan.mapper.MarketRoleMapper;
import com.cskaoyan.module.bean.AdminInfoBean;
import com.cskaoyan.module.bean.BaseRespVo;
import com.cskaoyan.module.bean.InfoData;
import com.cskaoyan.module.bean.LoginUserData;
import com.cskaoyan.module.pojo.MarketAd;
import com.cskaoyan.module.pojo.MarketAdmin;
import com.cskaoyan.module.pojo.MarketUser;
import com.cskaoyan.service.AdminService;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import java.util.ArrayList;
import java.util.Map;

//shiro整合之后，在做具体的开发
//响应结果都是JSON，Controller组件上我们都用@RestController注解
@RestController
@RequestMapping("admin/auth")
public class AuthController {
    @Autowired
    AdminService adminService;
    /**
     * 如果参数比较少，类型比较简单的话，使用map来接收也可以
     */
    @RequestMapping("login")
    public BaseRespVo<LoginUserData> login(@RequestBody Map map) {
        String username = (String)map.get("username");
        String password = (String)map.get("password");
        //执行认证的是subject主体
        //在每一个controller中的handler方法里都可以这样子获得subject
        Subject subject = SecurityUtils.getSubject();
        try {
            //会使用到一个认证器，有默认的认证器可以使用，会使用到realm
            subject.login(new MallToken(username, password,"market"));
            //通常做一个try catch，因为登录失败，通常会抛出异常
            //如果不用try catch，就用exceptionhandler
        } catch (Exception e) {
            e.printStackTrace();
            return BaseRespVo.invalidData();
        }
        //判断登录是否成功
//        boolean authenticated = subject.isAuthenticated();

        LoginUserData loginUserData = new LoginUserData();
        AdminInfoBean adminInfo = new AdminInfoBean();
//        adminInfo.setAvatar("https://wpimg.wallstcn.com/f778738c-e4f8-4870-b634-56703b4acafe.gif");
//        adminInfo.setNickName("admin123");
//        loginUserData.setAdminInfo(adminInfo);
//        loginUserData.setToken("c4d988f3-e4c5-4e46-b6ce-13b9e008ea20");
        //把sessionid返回前端，前端发生请求的时候，就会通过请求头携带sessionid
        loginUserData.setToken((String) subject.getSession().getId());
        return BaseRespVo.ok(loginUserData);
    }

    @RequestMapping("info")
    public BaseRespVo info(String token) {

        Subject subject = SecurityUtils.getSubject();
        System.out.println(subject.isAuthenticated());
        //拿到认证成功之后的用户信息，realm的simpleAuthticationInfo中的第一个参数
        //拿信息的时候会拿到
        MarketAdmin admin = (MarketAdmin) subject.getPrincipals().getPrimaryPrincipal();

        // MarketUser marketUser = (MarketUser) subject.getPrincipals().getPrimaryPrincipal();


        //开发完shiro之后，再整合
        InfoData infoData = new InfoData();
        infoData.setName(admin.getUsername());

        //根据primaryPrincipal做查询
        infoData.setAvatar(admin.getAvatar());
        //用户的权限id(有多个)
        Integer[] roleIds = admin.getRoleIds();
        //通过id查权限名字
        ArrayList<String> roles = adminService.getRole(roleIds);

        infoData.setRoles(roles);
        //通过id查具体的权限permissions
        ArrayList<String> perms = adminService.getPerm(roleIds);

        infoData.setPerms(perms);

        return BaseRespVo.ok(infoData);
    }


    @PostMapping("logout")
    public BaseRespVo logout() {
        BaseRespVo<Object> baseRespVo = new BaseRespVo<>();
        baseRespVo.setErrmsg("成功");
        baseRespVo.setErrno(0);
        return baseRespVo;
    }
}
